bug-coreutils
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: fixes for whitespace in `pwd`

From: Jim Meyering
Subject: Re: fixes for whitespace in `pwd`
Date: Fri, 30 Nov 2007 13:48:45 +0100 
Ralf Wildenhues <address@hidden> wrote:
> Please consider this patch to fix some quoting errors for whitespace in
> the build dir name.
>
> There seems to be at least one more instance, in
> tests/misc/ls-misc: the command starting with
> | system (qq(touch setuid && chmod u+s setuid && $test -u setuid &
>
> looks like all instances of $test in there need escaping/quoting.
> I'm not brave enough to try the test as empowered user, though.

Thanks, Ralf.
However, that is not a problem, because a check in
the CuTmpdir module makes us skip the whole test when
the build directory is suspicious:

    $ pwd
    /t/a b/cu
    $ cd tests/misc && make check TESTS=ls-misc >& /dev/null
    $ tail -1 ls-misc.log
    -: skipping test: unsafe working directory name

Note the "-:" which should be "test_name:".  I've just fixed that, too.]

In spite of that, I've changed it to add quotes, just in case:

        Be extra careful to quote $abs_top_builddir-derived names.
        * tests/misc/ls-misc (shell_quote): New function.
        Use it to quote file names derived from $abs_top_builddir,
        in case it contains shell meta-characters.  This is not currently
        needed, since CuTmpdir detects the fishy name and skips the test.
        But it's important enough to add the extra protection.
        Reported by Ralf Wildenhues.

diff --git a/tests/misc/ls-misc b/tests/misc/ls-misc
index 520c503..1e4f327 100755
--- a/tests/misc/ls-misc
+++ b/tests/misc/ls-misc
@@ -35,9 +35,24 @@ use strict;
 # Turn off localisation of executable's ouput.
 @ENV{qw(LANGUAGE LANG LC_ALL)} = ('C') x 3;

+# If the string $S is a well-behaved file name, simply return it.
+# If it contains white space, quotes, etc., quote it, and return the new 
string.
+sub shell_quote($)
+{
+  my ($s) = @_;
+  if ($s =~ m![^\w+/.,-]!)
+    {
+      # Convert each single quote to '\''
+      $s =~ s/\'/\'\\\'\'/g;
+      # Then single quote the string.
+      $s = "'$s'";
+    }
+  return $s;
+}
+
 # Set up files used by the setuid-etc tests; skip this entire test if
 # that cannot be done.
-my $test = "$ENV{abs_top_builddir}/src/test";
+my $test = shell_quote "$ENV{abs_top_builddir}/src/test";
 system (qq(touch setuid && chmod u+s setuid && $test -u setuid &&
           touch setgid && chmod g+s setgid && $test -g setgid &&
           mkdir sticky && chmod +t sticky  && $test -k sticky &&
--
1.5.3.6.970.gd25430
reply via email to
[Prev in Thread] Current Thread [Next in Thread]